I solved it with relayd :) On December 20, 2018 3:00:45 AM GMT+02:00, Tom Smyth <[email protected]> wrote: >Hi, >A quick read of your rule below >pass in quick on any proto tcp from any to any port 80 rdr-to >192.168.2.21 port 8801 > >seems way too general > >try this instead >pass in quick on any proto tcp from any to 192.168.2.5 port 80 >rdr-to 192.168.2.21 port 8801 > >and see how you get on ... > > >On Thu, 20 Dec 2018 at 00:13, Flipchan <[email protected]> wrote: >> >> Hello all, >> >> I am trying to get packets(/curl -v) to go 192.168.2.4 > >192.168.2.5:80 > 192.168.2.21:8801 >> >> >> >> .5 middle host | cat /etc/pf.conf >> >> >> set skip on lo >> >> block return # block stateless traffic >> pass # establish keep-state >> >> >> pass in quick on any proto tcp from any to any port 80 rdr-to >192.168.2.21 port 8801 >> pass out quick on any proto tcp from 192.168.2.21 >> >> block return in on ! lo0 proto tcp to port 6000:6010 >> >> # Port build user does not need network >> #block return out log proto {tcp udp} user _pbuild >> >> >> >> the connection just times out, what am i missing? >> >> >> .4host$ ifconfig >> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 32768 >> index 3 priority 0 llprio 3 >> groups: lo >> inet6 ::1 prefixlen 128 >> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 >> inet 127.0.0.1 netmask 0xff000000 >> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 >> lladdr 2c:40:0a:7d:1c:4d >> index 1 priority 0 llprio 3 >> groups: egress >> media: Ethernet autoselect (1000baseT full-duplex) >> status: active >> inet 192.168.2.5 netmask 0xffffff00 broadcast 192.168.2.255 >> enc0: flags=0<> >> index 2 priority 0 llprio 3 >> groups: enc >> status: active >> pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33136 >> index 4 priority 0 llprio 3 >> groups: pflog >> $ >> >> >> i tried a syntax suggestion in on the bottom page of: >https://www.openbsd.org/faq/pf/rdr.html >> without any luck... >> >> >> i am just getting timeouts here, does anyone know how i could solve >this? >> >> >> Take Care >> Sincerely >> flipchan > > > >-- >Kindest regards, >Tom Smyth > >Mobile: +353 87 6193172 >The information contained in this E-mail is intended only for the >confidential use of the named recipient. If the reader of this message >is not the intended recipient or the person responsible for >delivering it to the recipient, you are hereby notified that you have >received this communication in error and that any review, >dissemination or copying of this communication is strictly prohibited. >If you have received this in error, please notify the sender >immediately by telephone at the number above and erase the message >You are requested to carry out your own virus check before >opening any attachment.
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
